Check: AIX7-00-003048
IBM AIX 7.x STIG:
AIX7-00-003048
(in versions v3 r1 through v1 r1)
Title
If SNMP is not required on AIX, the snmpd service must be disabled. (Cat II impact)
Discussion
The snmpd daemon is used by many 3rd party applications to monitor the health of the system. This allows remote monitoring of network and server configuration. To prevent remote attacks this daemon should not be enabled unless there is no alternative.
Check Content
Verify there is no "snmpd" service running on the AIX by doing the following: From the command prompt, execute the following command: # grep "^start[[:blank:]]/usr/sbin/snmpd" /etc/rc.tcpip If there is any output from the command, this is a finding.
Fix Text
In "/etc/rc.tcpip", comment out the "snmpd" entry by running command: # chrctcp -d snmpd
Additional Identifiers
Rule ID: SV-215354r958478_rule
Vulnerability ID: V-215354
Group Title: SRG-OS-000095-GPOS-00049
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |
Controls
Number | Title |
---|---|
CM-7 |
Least Functionality |